From 74576e6f625ddcbb25426bb6f95bc549275ec665 Mon Sep 17 00:00:00 2001
From: Raphanaud <noeraphanaud@gmail.com>
Date: Mon, 13 Dec 2021 11:38:08 +0100
Subject: [PATCH] ansible/

---
 ansible/.tomcat-setup.yml.swp                 | Bin 0 -> 1024 bytes
 ansible/hosts                                 |   2 +
 ansible/invent                                |   1 +
 ansible/local2.yml                            |   3 +
 ansible/roles/db/tasks/main.yml               |  44 +++++++++
 ansible/roles/db/vars/debian.yml              |   5 ++
 ansible/roles/dbdump/tasks/main.yml           |   8 ++
 ansible/roles/tomcat/defaults/main.yml        |   3 +
 ansible/roles/tomcat/handlers/main.yml        |   4 +
 ansible/roles/tomcat/tasks/main.yaml          |   8 ++
 .../tomcat/tasks/tomcat-setup-Debian.yml      |  85 ++++++++++++++++++
 ansible/roles/tomcat/templates/context.xml.j2 |  19 ++++
 .../tomcat/templates/tomcat-users.xml.j2      |  45 ++++++++++
 .../roles/tomcat/templates/tomcat.service.j2  |  22 +++++
 ansible/roles/tomcat/vars/Debian.yml          |   2 +
 ansible/roles/tomcat/vars/RedHat.yml          |   1 +
 ansible/tomcat-setup.yml                      |  15 ++++
 17 files changed, 267 insertions(+)
 create mode 100644 ansible/.tomcat-setup.yml.swp
 create mode 100644 ansible/hosts
 create mode 100644 ansible/invent
 create mode 100644 ansible/local2.yml
 create mode 100644 ansible/roles/db/tasks/main.yml
 create mode 100644 ansible/roles/db/vars/debian.yml
 create mode 100644 ansible/roles/dbdump/tasks/main.yml
 create mode 100644 ansible/roles/tomcat/defaults/main.yml
 create mode 100644 ansible/roles/tomcat/handlers/main.yml
 create mode 100644 ansible/roles/tomcat/tasks/main.yaml
 create mode 100644 ansible/roles/tomcat/tasks/tomcat-setup-Debian.yml
 create mode 100644 ansible/roles/tomcat/templates/context.xml.j2
 create mode 100644 ansible/roles/tomcat/templates/tomcat-users.xml.j2
 create mode 100644 ansible/roles/tomcat/templates/tomcat.service.j2
 create mode 100644 ansible/roles/tomcat/vars/Debian.yml
 create mode 100644 ansible/roles/tomcat/vars/RedHat.yml
 create mode 100644 ansible/tomcat-setup.yml

diff --git a/ansible/.tomcat-setup.yml.swp b/ansible/.tomcat-setup.yml.swp
new file mode 100644
index 0000000000000000000000000000000000000000..f55f859315ac2365b389eb29e506a595214f9688
GIT binary patch
literal 1024
zcmYc?$V<%2S1{ExVL$=fof#O4^7Bhj1aWW@^NKT*a#D2*vWjr1fC!i5=O!nX=oY7z
Xlose!=H}p4JSsUF0;3^7^AG?4Q2r2c

literal 0
HcmV?d00001

diff --git a/ansible/hosts b/ansible/hosts
new file mode 100644
index 0000000..9a9fe91
--- /dev/null
+++ b/ansible/hosts
@@ -0,0 +1,2 @@
+[tomcat-nodes]
+localhost # Add Server IP address, one line per server
diff --git a/ansible/invent b/ansible/invent
new file mode 100644
index 0000000..2fbb50c
--- /dev/null
+++ b/ansible/invent
@@ -0,0 +1 @@
+localhost
diff --git a/ansible/local2.yml b/ansible/local2.yml
new file mode 100644
index 0000000..6bd73c6
--- /dev/null
+++ b/ansible/local2.yml
@@ -0,0 +1,3 @@
+- hosts: all
+  roles:
+  - db
diff --git a/ansible/roles/db/tasks/main.yml b/ansible/roles/db/tasks/main.yml
new file mode 100644
index 0000000..3e4d7e1
--- /dev/null
+++ b/ansible/roles/db/tasks/main.yml
@@ -0,0 +1,44 @@
+- name: "[MYSQL] - update cache"
+  apt:
+    update_cache: yes
+
+- name: "[MYSQL] - install"
+  apt:
+    name: mariadb-server
+    state: latest
+
+- name: "[Python] - install"
+  apt:
+    name: python
+    state: latest
+
+- name: "[MYSQL] - start mysql"
+  service:
+    name: "mysqld"
+    state: started
+    enabled: yes
+
+- name: "[MYSQL] - create database"
+  community.mysql.mysql_db:
+    name:
+      - sdis29
+    state: present
+
+- name: "[MYSQL] - create user"
+  mysql_user:
+    name: "slam"
+    password: "Azerty1+"
+    priv: "*.*:ALL"
+    host: "127.0.0.1"
+    become: yes
+
+- name: Copier dump
+  copy:
+    src: db-sauv.sql.gz
+    dest: /tmp
+
+- name: Restorer la base de données
+  community.mysql.mysql_db:
+    name: my_db
+    state: import
+    target: /tmp/db-sauv.sql.gz
diff --git a/ansible/roles/db/vars/debian.yml b/ansible/roles/db/vars/debian.yml
new file mode 100644
index 0000000..f3a9994
--- /dev/null
+++ b/ansible/roles/db/vars/debian.yml
@@ -0,0 +1,5 @@
+mysql_packages:
+ - mariadb-server
+ - python-m ysqldb
mysql_db: "sdis29"

+ - mysql_user: "slam"

+ - mysql_password: "Azerty1+"
diff --git a/ansible/roles/dbdump/tasks/main.yml b/ansible/roles/dbdump/tasks/main.yml
new file mode 100644
index 0000000..5cbc073
--- /dev/null
+++ b/ansible/roles/dbdump/tasks/main.yml
@@ -0,0 +1,8 @@
+- name: create a backup
+  mysql_db:
+    name: sdis29
+    state: dump
+    target: /tmp/sdis29.sql
+    login_host: localhost
+    login_user: slam
+    login_password: Azerty1+
diff --git a/ansible/roles/tomcat/defaults/main.yml b/ansible/roles/tomcat/defaults/main.yml
new file mode 100644
index 0000000..6086e1e
--- /dev/null
+++ b/ansible/roles/tomcat/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+tomcat_archive_url: https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.14/bin/apache-tomcat-10.0.14.tar.gz
+tomcat_archive_dest: /tmp/apache-tomcat-{{ tomcat_ver }}.tar.gz
diff --git a/ansible/roles/tomcat/handlers/main.yml b/ansible/roles/tomcat/handlers/main.yml
new file mode 100644
index 0000000..02c4fcb
--- /dev/null
+++ b/ansible/roles/tomcat/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart tomcat
+  service:
+    name: tomcat
+    state: restarted
diff --git a/ansible/roles/tomcat/tasks/main.yaml b/ansible/roles/tomcat/tasks/main.yaml
new file mode 100644
index 0000000..9ba17ed
--- /dev/null
+++ b/ansible/roles/tomcat/tasks/main.yaml
@@ -0,0 +1,8 @@
+---
+- name: Add the OS specific variables
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml"
+    - "{{ ansible_os_family }}.yml"
+
+- include_tasks: "tomcat-setup-{{ ansible_os_family }}.yml"
diff --git a/ansible/roles/tomcat/tasks/tomcat-setup-Debian.yml b/ansible/roles/tomcat/tasks/tomcat-setup-Debian.yml
new file mode 100644
index 0000000..90a81ce
--- /dev/null
+++ b/ansible/roles/tomcat/tasks/tomcat-setup-Debian.yml
@@ -0,0 +1,85 @@
+- name: Ensure the system can use the HTTPS transport for APT.
+  stat:
+    path: /usr/lib/apt/methods/https
+  register: apt_https_transport
+
+- name: Install APT HTTPS transport.
+  apt:
+    name: "apt-transport-https"
+    state: present
+    update_cache: yes
+  when: not apt_https_transport.stat.exists
+
+- name: Install basic packages
+  package:
+    name: ['vim','aptitude','bash-completion','tmux','tree','htop','wget','unzip','curl','git','python']
+    state: present
+    update_cache: yes
+
+- name: Install Default Java (Debian/Ubuntu)
+  apt:
+    name: default-jdk
+    state: present
+
+- name: Add tomcat group
+  group:
+    name: tomcat
+
+- name: Add "tomcat" user
+  user:
+    name: tomcat
+    group: tomcat
+    home: /usr/share/tomcat
+    createhome: no
+    system: yes
+
+- name: Download Tomcat
+  get_url:
+    url: "https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.14/bin/apache-tomcat-10.0.14.tar.gz"
+    dest: "{{ tomcat_archive_dest }}"
+
+- name: Create a tomcat directory
+  file:
+    path: /usr/share/tomcat
+    state: directory
+    owner: tomcat
+    group: tomcat
+
+- name: Extract tomcat archive
+  unarchive:
+    src: "{{ tomcat_archive_dest }}"
+    dest: /usr/share/tomcat
+    owner: tomcat
+    group: tomcat
+    remote_src: yes
+    extra_opts: "--strip-components=1"
+    creates: /usr/share/tomcat/bin
+
+- name: Copy tomcat service file
+  template:
+    src: templates/tomcat.service.j2
+    dest: /etc/systemd/system/tomcat.service
+  when: ansible_service_mgr == "systemd"
+
+- name: Start and enable tomcat
+  service:
+    daemon_reload: yes
+    name: tomcat
+    state: started
+    enabled: yes
+  when: ansible_service_mgr == "systemd"
+- name: Set UI access credentials
+  template:
+    src: tomcat-users.xml.j2
+    dest: /usr/share/tomcat/conf/tomcat-users.xml
+  notify: restart tomcat
+
+- name: Allow access to Manager and Host Manager apps from any IP
+  template:
+    src: context.xml.j2 
+    dest: "{{ item }}"
+  with_items:
+    - /usr/share/tomcat/webapps/host-manager/META-INF/context.xml
+    - /usr/share/tomcat/webapps/manager/META-INF/context.xml
+  notify: restart tomcat
+
diff --git a/ansible/roles/tomcat/templates/context.xml.j2 b/ansible/roles/tomcat/templates/context.xml.j2
new file mode 100644
index 0000000..9265673
--- /dev/null
+++ b/ansible/roles/tomcat/templates/context.xml.j2
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<Context antiResourceLocking="false" privileged="true" >
+</Context>
diff --git a/ansible/roles/tomcat/templates/tomcat-users.xml.j2 b/ansible/roles/tomcat/templates/tomcat-users.xml.j2
new file mode 100644
index 0000000..976627e
--- /dev/null
+++ b/ansible/roles/tomcat/templates/tomcat-users.xml.j2
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<tomcat-users xmlns="http://tomcat.apache.org/xml"
+              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
+              version="1.0">
+<!--
+  NOTE:  By default, no user is included in the "manager-gui" role required
+  to operate the "/manager/html" web application.  If you wish to use this app,
+  you must define such a user - the username and password are arbitrary. It is
+  strongly recommended that you do NOT use one of the users in the commented out
+  section below since they are intended for use with the examples web
+  application.
+-->
+<!--
+  NOTE:  The sample user and role entries below are intended for use with the
+  examples web application. They are wrapped in a comment and thus are ignored
+  when reading this file. If you wish to configure these users for use with the
+  examples web application, do not forget to remove the <!.. ..> that surrounds
+  them. You will also need to set the passwords to something appropriate.
+-->
+<!-- user manager can access only manager section -->
+<role rolename="manager-gui" />
+<user username="{{ ui_manager_user }}" password="{{ ui_manager_pass }}" roles="manager-gui" />
+
+<!-- user admin can access manager and admin section both -->
+<role rolename="admin-gui" />
+<user username="{{ ui_admin_username }}" password="{{ ui_admin_pass }}" roles="manager-gui,admin-gui" />
+</tomcat-users>
+
diff --git a/ansible/roles/tomcat/templates/tomcat.service.j2 b/ansible/roles/tomcat/templates/tomcat.service.j2
new file mode 100644
index 0000000..e0d34bd
--- /dev/null
+++ b/ansible/roles/tomcat/templates/tomcat.service.j2
@@ -0,0 +1,22 @@
+[Unit]
+Description=Tomcat
+After=syslog.target network.target
+
+[Service]
+Type=forking
+
+User=tomcat
+Group=tomcat
+
+Environment=JAVA_HOME={{ JAVA_HOME }}
+Environment='JAVA_OPTS=-Djava.awt.headless=true'
+
+Environment=CATALINA_HOME=/usr/share/tomcat
+Environment=CATALINA_BASE=/usr/share/tomcat
+Environment=CATALINA_PID=/usr/share/tomcat/temp/tomcat.pid
+
+ExecStart=/usr/share/tomcat/bin/catalina.sh start
+ExecStop=/usr/share/tomcat/bin/catalina.sh stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/ansible/roles/tomcat/vars/Debian.yml b/ansible/roles/tomcat/vars/Debian.yml
new file mode 100644
index 0000000..aae9205
--- /dev/null
+++ b/ansible/roles/tomcat/vars/Debian.yml
@@ -0,0 +1,2 @@
+---
+JAVA_HOME: /usr/lib/jvm/default-java
diff --git a/ansible/roles/tomcat/vars/RedHat.yml b/ansible/roles/tomcat/vars/RedHat.yml
new file mode 100644
index 0000000..60943a8
--- /dev/null
+++ b/ansible/roles/tomcat/vars/RedHat.yml
@@ -0,0 +1 @@
+JAVA_HOME: /usr/lib/jvm/jre
diff --git a/ansible/tomcat-setup.yml b/ansible/tomcat-setup.yml
new file mode 100644
index 0000000..47378e3
--- /dev/null
+++ b/ansible/tomcat-setup.yml
@@ -0,0 +1,15 @@
+---
+- name: Tomcat deployment playbook
+  hosts: all       # Inventory hosts group / server to act on
+  become: yes               # If to escalate privilege
+  become_method: sudo       # Set become method
+  remote_user: root         # Update username for remote server
+  vars:
+    tomcat_ver: 10.0.14                          # Tomcat version to install
+    ui_manager_user: manager                    # User who can access the UI manager section only
+    ui_manager_pass: root      # UI manager user password
+    ui_admin_username: admin                    # User who can access bpth manager and admin UI sections
+    ui_admin_pass: root          # UI admin password
+  roles:
+    - tomcat
+